Setting Up SSL

16 posts / 0 new
Last post
#1 Sun, 09/25/2011 - 19:39
UWF

Setting Up SSL

I decided I'd like to encrypt all my sites and servers. I use Virtualmin for all of them and GoDaddy for all of my domains. I'm given free SSL. What would be the best course of action to start setting up SSL encryption on all of my sites?

Sun, 09/25/2011 - 19:49
andreychek

Howdy,

Well, these two documents describe setting up SSL:

http://www.virtualmin.com/documentation/tutorial/how-to-add-an-ssl-certi...

http://www.virtualmin.com/documentation/tutorial/how-to-add-multidomain-...

The catch here though is that you need one public IP address per SSL certificate. So if you want one SSL cert per domain, that could be a lot of IP addresses depending on how many domains you have :-)

You can use wildcard certs and UCC certs, but the downside there is that you're sharing one certificate across several domains.... that usually only works if it's the same person who owns all the domains.

-Eric

Mon, 09/26/2011 - 16:24
UWF

Hey. I'm interested in using the other kinds of certs then because I'm the owner of all the domains and there are about 10 on each Virtualmin server. Also I messed up in the first post I don't use GoDaddy I use Namecheap.

Mon, 09/26/2011 - 16:32
andreychek

Yup, those namecheap certs should work just fine.

So, it sounds like you may want to look into their wildcard and UCC certificates.

-Eric

Mon, 09/26/2011 - 17:44
andreychek

Yes, in your case -- since all the domains are owned by you -- you can keep the SSL cert on your primary IP address.

-Eric

Mon, 09/26/2011 - 21:42
UWF

So if I do share them all they will all need to use the same organization name?

Mon, 09/26/2011 - 21:48
andreychek

Yup! SSL certs can only have one Organization name.

That said, most people won't notice what you set that to :-)

-Eric

Tue, 09/27/2011 - 18:04
UWF

Ok I added the CSR to Namecheap and uploaded my PositiveSSL certificate but when I go to my site it doesn't use SSL. I added it to mw3spot.com and I made sure to check the use SSL box and save.

Tue, 09/27/2011 - 18:13
andreychek

Howdy,

Your SSL cert looks good! You just have to access your site using https:// if you want it to use SSL.

-Eric

Tue, 09/27/2011 - 18:25
UWF

Can I redirect everything and switch all my embedded content or would that be difficult?

Tue, 09/27/2011 - 18:34
andreychek

You could try putting a .htaccess file in your public_html folder, and put this in it:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://mw3spot.com/$1 [R,L]
Tue, 09/27/2011 - 18:38
UWF

I already have a .htaccess that came with the script:

Mod_security can interfere with uploading of content such as attachments. If you cannot attach files, remove the "#" from the lines below. SecFilterEngine Off SecFilterScanPOST Off

ErrorDocument 401 default ErrorDocument 403 default ErrorDocument 404 default ErrorDocument 500 default

RewriteEngine On

#   If you are having problems with the rewrite rules, remove the "#" from the
#   line that begins "RewriteBase" below. You will also have to change the path
#   of the rewrite to reflect the path to your XenForo installation.
#RewriteBase /xenforo

#   This line may be needed to enable WebDAV editing with PHP as a CGI.
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(data/|js/|styles/|install/|favicon\.ico) - [NC,L]
RewriteRule ^.*$ index.php [NC,L]

Where can I add it in?

Tue, 09/27/2011 - 18:41
andreychek

Try putting those lines at the beginning of your .htaccess file.

-Eric

Tue, 09/27/2011 - 18:47
UWF

Hmmm doesn't look like it worked.

Tue, 09/27/2011 - 18:54
UWF

Looks like it worked now. Chrome shows a crossed out SSL though. I think I'll have to find and edit the stuff with http://.

Tue, 09/27/2011 - 19:03
UWF

I'll just leave it at that. Thanks a lot :).

Topic locked